Infoblox Deployment Guide - Implementing Microsoft Server ... · PDF fileManagement) services. ... Click on Use general credentials or enter the credentials for Active Directory

© 2017 Infoblox Inc. All rights reserved. Implementing Microsoft Server DNS Logging and Diagnostics with Reporting and Analytics Page 1 of 14

DEPLOYMENT GUIDE

Implementing Microsoft Server DNS Logging and Diagnostics with Reporting and Analytics


Contents Introduction ...................................................................................................................................... 3Feature Overview ............................................................................................................................ 3Data Flow for Grid Support of Microsoft DNS and DHCP Servers .................................................. 3Requirements .................................................................................................................................. 4Deployment Summary ..................................................................................................................... 4Deployment Instructions .................................................................................................................. 4

Enable Analytics on the Microsoft Server ................................................................................. 4

Add Microsoft DNS and DHCP servers to the Grid ................................................................... 7

Enable receiving of report data from Microsoft server ............................................................ 12

Viewing Reports ...................................................................................................................... 13

Troubleshooting ...................................................................................................................... 13


Introduction The Infoblox DDI solution now supports data from Microsoft DNS and DHCP services and integrates this data into the reporting and analytics platform thus providing a single view into all DDI (DNS, DHCP and IP Address Management) services. This deployment guide explains how to enable and provision Microsoft DNS and DHCP logging, to integrate with the Infoblox Reporting and Analytics platform.

Feature Overview • Supports existing DNS/DHCP/IPAM reports to include the data from Microsoft DNS and DHCP servers

along with Infoblox appliance data. • Synchronizes Microsoft ‘DNS Analytic events’ logged for DNS queries and DNS responses in ‘Event

Viewer’ for preparing DNS reports data. • DHCP/IPAM reports data is prepared based upon existing Microsoft DHCP object synchronization. • Leverages Microsoft server managing Grid member’s reporting configurations and service to prepare the

data as a forwarder and send to reporting member (indexer). • Uploads the collected data files to Data Connector VM to support DCVM reports with Microsoft DNS data. • The following DHCP Reports are supported with Microsoft data:

o DHCP Lease History o DHCP Message Rate Trend o DHCP Top Lease Clients o DHCPv4 Usage Trend o DHCPv4 Usage Statistics o DHCPv4 Range Utilization Trend o DHCPv4 Top Utilized Networks

• The following IPAM reports are supported with Microsoft data: o IPAMv4 Network Usage Statistics o IPAMv4 Network Usage Trend o IPAMv4 Top Utilized Networks

• The following DNS reports are supported with Microsoft data: o DDNS Update Rate Trend o DNS Top Requested Domain Names o DNS Query Rate by Query Type o DNS Top Clients o DNS Query Rate by Member o DNS Daily Peak Hour Query Rate by Member o DNS Top Clients per Domain o DNS Top NXDOMAIN-NOERROR (no data) o DNS Top SERVFAIL Errors Sent o DNS Top Timed-Out Recursive Queries o DNS Query Trend Per IP Block Group o DNS Domains Queried by Client o DNS Domain Query Trend o Top DNS Clients by Query Type o DNS Top Clients Querying MX Records

Data Flow for Grid Support of Microsoft DNS and DHCP Servers


Requirements The following items are required for Microsoft DNS and DHCP server support:

• Infoblox NIOS version 8.2.1 or later. • Infoblox Microsoft management license for every member that will service Microsoft DNS and DHCP

servers. • Infoblox Reporting server. • Microsoft Server 2012 R2 upgraded with latest patches or Microsoft Server 2016.

Deployment Summary • Enable enhanced DNS logging and diagnostics. • Install Microsoft management license on each member performing MS synchronization services. • Add Microsoft DNS and DHCP servers to the Grid Member(s).

Deployment Instructions

Enable Analytics on the Microsoft Server 1. Log onto the Microsoft Server.


2. From an elevated command prompt, type eventvwr.msc to start the event viewer.

3. In the event viewer, navigate to Applications and Services Logs à Microsoft à Window à DNS-Server.

This entry will not appear if the Microsoft 2012 R2 server is not up-to-date on patches.


4. Right click on DNS-Server, point to View, and the click Show Analytic and Debug Logs. The Analytical log will be displayed.

5. Right Click on Analytical and then click on Properties.

6. In the screen above, under When maximum event log size is reached, choose Do not overwrite events

(Clear logs manually), select the Enable logging checkbox, and click OK when you are asked if you want


to enable this log. Note: This step is documented in the Microsoft website.

Add Microsoft DNS and DHCP servers to the Grid 1. This section is optional if you have already added your Microsoft servers to the Grid Master. If you have

already added Microsoft servers to your grid, then skip to the next section. 2. Navigate Grid à Microsoft Servers à Toolbar à Add à Microsoft Servers. Enter the domain/username

and password. Select the managing member by clicking on the Select Member button. Click Next. Note: The screen shot below is just an example. Refer to the NIOS Adminstrators Guide on setting the


proper Microsoft server credentials.


3. Click on Use general credentials or enter the credentials for DNS and DHCP services. Click Next.


4. Click on Use general credentials or enter the credentials for Active Directory Sites. Click Next.


5. Add the IP address of the Microsoft server and click on the relevant services for this server. Click Save and Close.

6. After about 5 minutes of synchronizing the data between the Grid Master, you should see the following:


Enable receiving of report data from Microsoft server 1. Navigate to Grid à Grid Manager à Toolbar à Grid Properties à Edit.

2. Toggle Advanced Mode and then click on Microsoft Integration. Click on Synchronize DNS

Reporting Data. Click Save and Close.


3. By default, the analytics logs from the Microsoft server are synchronized from Microsoft event logs every 15 seconds. You can change the DNS synchronization interval to any time between 1 second to 3600 seconds.

Viewing Reports 1. Navigate to Reporting à Dashboards and pick one or more of the supported reports. Take note of the

Microsoft server drop down menu for filtering purposes.

Troubleshooting If the reports are not showing any data from the Microsoft servers, you can look at the Audit log or Microsoft log.


1. To see the Audit log, navigate to Administration à Logs à Audit Log. Look for entries that pertain to the IP address of the Microsoft server.

2. To see the Microsoft log, navigate to Administration à Logs à Microsoft Log.

Documents

Infoblox Deployment Guide - Implementing Microsoft Server ... · PDF fileManagement) services. ... Click on Use general credentials or enter the credentials for Active Directory